Restricting access to operator information in public-facing applications
You can restrict all access to data in the Data-Admin-OperatorID class to only the end user’s data through an access control policy.
- In the header of Dev Studio, click .
- Create Access Control Policy Condition rule with below details:
- Identifier: <Name of your choice>
- Ruleset: <Any application ruleset where this restriction needs to be enforced>
- Apply To: Data-Admin-Operator-ID
- On the Pages & Classes tab, add OperatorID in the Page Name field, and Data-Admin-Operator-ID in the Class field.
- On the Definition tab, enter the following conditions:
- In the Conditional Logic section, name the condition.
- In the Policy Conditions section, name the condition the same as the Conditional logic.
- In the Column source column, select .pyUserIdentifer.
- In the Relationship column, set it to Is equal.
- In the Value column, select OperatorID.pyUserIdentifier.
- Create Access Control Policy rule with below details
- Identifier: <Any name of choice>
- Action: Read
- Ruleset: <Any ruleset in an application where this restriction needs to be enforced>
- Apply To: Data-Admin-Operator-ID
- On the Definition tab, add the name of the Access Control Policy condition rule created in Step 4.
Previous topic Basic requirements for deploying public-facing applications Next topic Understanding project roles and personas